Техническая информация
- '%TEMP%\explorer.exe'
- '<SYSTEM32>\cmd.exe' /c ""%TEMP%\delself.bat" "
- <SYSTEM32>\0le32.dll
- <DRIVERS>\Changer.sys
- %WINDIR%\1.tmp
- %TEMP%\delself.bat
- C:\tmp.tmp
- %TEMP%\explorer.exe
- C:\tmp2.tmp
- <SYSTEM32>\67-105-7163
- %WINDIR%\1.tmp
- C:\tmp.tmp
- C:\tmp2.tmp
- 'ww####.seerfers.com':1254
- 'qd.##olans.com':80
- qd.##olans.com/pw.txt
- DNS ASK ww####.seerfers.com
- DNS ASK qd.##olans.com
- ClassName: 'Progman' WindowName: '(null)'
- ClassName: 'Shell_TrayWnd' WindowName: '(null)'